Inconsistent browser security highlighted
10 August 2010 - 08:33 by Paul Tissington
Online security researchers have expressed concern at the way in which common web browsers claim to offer secure, private browsing while actually supplying a mixed bag of potentially vulnerable functionalities.
Experiments were carried out on Internet Explorer, Mozilla Firefox, Apple's Safari and Google Chrome by academics at Stanford University in the US. They concluded that although all four promised security to users looking to carry out protected banking and safe shopping online, this was not always as possible as was previously thought.
Protecting the privacy of the user is essential online, because without security measures personal information like browsing history and payment card details can be made accessible to websites, which in the best case will simply allow sites to assail the user with targeted advertising and in the worst will put them at risk of identity theft and fraud.
Safari comes under criticism for its ability to protect users from intrusive security breaches launched on a local scale only, while the likes of Chrome and Firefox both monitor and prevent online assaults.
Firefox is not the golden standard for security, however, because researchers found that it would respond to different threats and requests for data in different, fragmented ways, allowing some information to leak even when the browser was in its securest mode.
The researchers believe that there is potential for every browser to violate the privacy of the user, no matter which vendor has produced them and they warn that those looking to perform safe shopping online using the secure browsing options on their program of choice, could be faced with patchy, uneven results.
The researchers suggest that online retailers and other reputable websites should format their pages to comply to the specific quirks of particular browsers, identifying that they have created a secure, private browsing experience via main page insignia which the user could then peruse and use to confirm the security of a given site.